Test ID:	1.3.6.1.4.1.25623.1.0.57874
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200608-24 (AlsaPlayer)
Summary:	The remote host is missing updates announced in;advisory GLSA 200608-24.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200608-24. Vulnerability Insight: AlsaPlayer is vulnerable to multiple buffer overflows which could lead to the execution of arbitrary code. Solution: AlsaPlayer has been masked in Portage pending the resolution of these issues. AlsaPlayer users are advised to uninstall the package until further notice: # emerge --ask --unmerge 'media-sound/alsaplayer' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4089 BugTraq ID: 19450 http://www.securityfocus.com/bid/19450 Bugtraq: 20060809 Multiple buffer-overflows in AlsaPlayer 0.99.76 (Google Search) http://www.securityfocus.com/archive/1/442725/100/0/threaded Debian Security Information: DSA-1179 (Google Search) http://www.debian.org/security/2006/dsa-1179 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0249.html http://security.gentoo.org/glsa/glsa-200608-24.xml http://aluigi.altervista.org/adv/alsapbof-adv.txt http://www.osvdb.org/27883 http://www.osvdb.org/27884 http://www.osvdb.org/27885 http://secunia.com/advisories/21422 http://secunia.com/advisories/21639 http://secunia.com/advisories/21749 http://secunia.com/advisories/22018 http://securityreason.com/securityalert/1356 SuSE Security Announcement: SUSE-SR:2006:021 (Google Search) http://www.novell.com/linux/security/advisories/2006_21_sr.html http://www.vupen.com/english/advisories/2006/3235 XForce ISS Database: alsaplayer-cddblookup-bo(28308) https://exchange.xforce.ibmcloud.com/vulnerabilities/28308 XForce ISS Database: alsaplayer-gtkplaylist-bo(28307) https://exchange.xforce.ibmcloud.com/vulnerabilities/28307 XForce ISS Database: alsaplayer-reconnect-bo(28306) https://exchange.xforce.ibmcloud.com/vulnerabilities/28306
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.